Dmitry, that is an excellent callout. We ideally need to limit single points of failure in our codebase and dependencies where reasonably possible. We need to be mindful of the ability to remedy security issues should they be discovered. -Julia On Mon, Jun 10, 2024 at 7:33 AM Dmitry Tantsur <dtantsur@protonmail.com> wrote:
Hi,
If we go with this proposal (which sounds reasonable), we need to carefully look at cotyledon's maintenance. It seems to be on life support by only one volunteer: https://github.com/sileht/cotyledon/commits/main/
Dmitry
On 6/10/24 11:09 AM, Daniel Bengtsson wrote:
Hi there,
In the project to remove eventlet from openstack[1], we need to adapt oslo.service. The oslo.service project is strongly linked to eventlet, so rather than adapting the project, it would be wiser to deprecate it and replace it with cotyledon and futurist. The cotyledon project was created by openstack maintainers to replace oslo.service. It is already used in openstack by the telemetry project, for example. The oslo.service project has been created on top of eventlet to offer two main functionalities, periodic tasks and workers process management. The first feature has been replaced by another library called futurist[2] and the second is surpassed by cotyledon. More details in the project readme[3] about the difference with oslo.service. I would like to have your feedback and opinion on the deprecation of olso.service and it's replacement by cotyledon and futurist. In any case, we'll have to adapt the project, which is why replacing oslo.service with cotyledon seems to me the best solution, rather than having two similar projects doing the same thing.
[1] https://review.opendev.org/c/openstack/governance/+/902585 [2] http://docs.openstack.org/developer/futurist/ [3] https://github.com/sileht/cotyledon/blob/main/README.rst
-- Daniel Bengtsson Software Engineer